Steps to configure after PowerMTA Installation

 Steps:

1. Setup PMTA

2. Install Open SSL & Make Certchain with key & cert

3. Create Selector,Generate DKIM public & Private keys 

4. Create CNAME with selector and point to TXT record having public key values

5. Create .pem file in specified directory and add corresponding DKIM private key(s)

6. Setup Master and Subordinate SPF

7. Set PTR & corresponding hostname for IPs

8. Set DMARC, BIMI , MTA STS record

9. Create & setup Domain config file

10. Create & setup PMTA config file 

11. Start PMTA, Test Deliverability

How to test PowerMTA SMTP using telnet

telnet localhost 25

ehlo localhost

mail from: username@from-domain.tld

rcpt to: username@to-domain.tld

data

Subject: PMTA SMTP Check

This is just an SMTP conf Check. You may disregard.

.

quit

tail -f /var/log/pmta/pmta.log

pmta show queues

How to Send an email using Telnet in CentOS

sudo apt install telnet

sudo yum install telnet

telnet targetserver.tld 25

HELO sourceserver.tld 

MAIL FROM: username@sourcedomain.tld

RCPT TO: username@example.com

DATA 

Subject: Sending an email using  SMTP through telnet 

Hi, 

This is just a Test Email ? You may disregard this? 

regards;

Mr. Y

.

Note: We can start writing some subject and body. To do that we need to use the DATA command. First type DATA followed by Subject: and the body. Once done, enter " . "  (without quote)to send the email to be queued.

Add Domain specific DKIM in PMTA config

#MTAs

<virtual-mta ip1>

    smtp-source-host 192.198.0.1 host.domain.tld

    <domain *>

        max-msg-rate 400/h

    </domain>

</virtual-mta>

#DKIM Keys

domain-key key1,domain1.tld,/etc/pmta/keys/key1.domain.tld

domain-key key2,domain2.tld,/etc/pmta/keys/key2.domain.tld

domain-key key3,domain3.tld,/etc/pmta/keys/key3.domain.tld

#Specify the DKIM for specific Domain using Directive

<domain domain1.tld>

    dkim-sign yes

    smtp-hosts [127.0.0.1]:587

    dkim-identity @domain1.tld

</domain>

<domain domain2.tld>

    dkim-sign yes

    smtp-hosts [127.0.0.1]:587

    dkim-identity @domain2.tld

</domain>

<domain domain3.tld>

    dkim-sign yes

    smtp-hosts [127.0.0.1]:587

    dkim-identity @domain3.tld

</domain>

#CALL PMTA POOL for Rotation

<virtual-mta-pool pmta-pool>

    virtual-mta ip1

</virtual-mta-pool>

How to hide IP in header from Postal MTA

Remove  text where need using the following file in postalMTA.

For SMTP Server:

lib/postal/smtp_server/client.rb

@receiving_headers = true
received_header_content = "from #{@helo_name} (#{@hostname} [#{@ip_address}]) by #{Postal.config.dns.smtp_server_hostname} with SMTP;

For HTTP:

app/models/outgoing_message_prototype.rb

mail.header['Received'] = "from #{@source_type} (#{self.resolved_hostname} [#{@ip}]) by Postal with HTTP; #{Time.now.utc.rfc2822.to_s}"
mail.message_id = "<#{@message_id}>"

PowerMTA System requirements

It depends on how big your email lead list is. For example, if you want to send 10000/hour emails , the optimum server would have 10 IPs and would be using 10 domains or subdomains. This way each IP/domain would send emails1000/hour. The more IPs and domains the better variety can be applied as follows.

Minimum system requirements for sending from 1 IP/domain:

• VPS (KVM, OpenVZ, XEN, …)
• CentOS 6 x64 minimal
• 1 core
• 1 GB RAM
• 10 GB HDD
• 1 IP

I theory a server like this could also be used with more IPs and domains but could get to its peak point.
Here are recommended system requirements based on number of used IPs/domains
Local PowerMTA

Everything will run on the same server so our server must have enough power. Here are our recommendations:

5-19 IPs/domains

• VPS or Dedicated server
• 2 cores
• 8 GB RAM
• 20 GB SSD

20-99 IPs/domains

• VPS or Dedicated server
• 4 cores
• 16GB RAM
• 40 GB SSD

100+ IPs/domains

• VPS or Dedicated server
• 8 cores
• 32GB RAM
• 100 GB SSD

Here a saying we all know from Jeremy Clarkson would come in handy, POWER!!!! And more power we have the better.

External PowerMTA

In this case, Mumara will run on one more powerful server and PowerMTA will be installed on many cheaper servers. Here are our recommendations:

Main server – Mumara

• 4 cores
• 16GB RAM
• 40 GB SSD
• 1 IP

MTAs – PowerMTA

• 1 core
• 1 GB RAM
• 10 GB HDD
• 1 IP

This guideline covers both scenarios.

PowerMTA Multiple Virtual PMTA Custom config file (version PowerMTA-5.0r1)

 ############################################################################

# BEGIN: BACKOFF RULES

#N: ISP rules

############################################################################

# domains that resolve to mx?.hotmail.com

domain-macro hotmail hotmail.com,msn.com,hotmail.co.uk,hotmail.fr,live.com,hotmail.it,hotmail.de,email.msn.com,email.hotmail.com,email.msn.com,hotmail.com,live.com,msn.com,webtv.com,webtv.net

<domain $hotmail>

    max-smtp-out 1 # prevent "exceeded the connection limit"

    max-msg-rate 250/h # prevent "exceeded the rate limit"

</domain>

# domains that resolve to ?.mx.mail.yahoo.com

domain-macro yahoo yahoo.com,yahoo.ca,rocketmail.com,ymail.com,yahoo.com.au,geocities.com,yahoo.com.mx,yahoo.com.br,altavista.com,ameritech.net,att.net,bellsouth.net,attbroadband.com,attcanada.net,attglobal.com,attglobal.net,attnet.com,attworldnet.com,bellatlantic.net,bellatlantic.net,bellsouth.com,bellsouth.net,flash.net,netzero.net,nvbell.net,pacbell.net,prodigy.com,prodigy.net,sbcglobal.net,sbcglobal.net,snet.net,swbell.com,swbell.net,toast.net,usa.net,verizon.com,verizon.net,verizonmail.com,vzwpix.com,wans.net,worldnet.att.net,yahoo.net

<domain $yahoo>

    max-msg-per-connection 2 # yahoo policy

    max-msg-rate 250/h # prevent "exceeded the rate limit"

</domain>

# domains that resolve to mailin-0?.mx.aol.com

domain-macro aol aol.com,aim.com,aim.net,cs.com,netscape.com,wmconnect.net,netscape.net,cs.com,mail.com,wmconnect.com,icqmail.com,email.com,usa.com

<domain $aol>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

</domain>

# domains that resolve to (alt?.)gmail-smtp-in.l.google.com

domain-macro gmail gmail.com,googlemail.com

<domain $gmail>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

</domain>

# http://feedback.comcast.net/

 <domain comcast.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Ameritrade, Amitrade

 <domain tdameritrade.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Ameritrade, Amitrade

 <domain ameritrade.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

 # Broadband

 <domain charterinternet.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain comcast.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain comcast.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain comcastwork.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain cox.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain cox.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain coxinternet.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain cox-internet.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain suddenlink.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Broadband

 <domain windjammer.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain centurylink.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain centurylink.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain centurytel.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain centurytel.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain cswnet.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain emadisonriver.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain emadisonriver.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain embarq.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain embarq.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain embarqmail.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain grics.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain gulftel.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain mebtel.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain qwest.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain uswest.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain uswest.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain swestmail.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Century Link

 <domain uswestmail.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Cincinnati Bell

 <domain fuse.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Cincinnati Bell

 <domain fuse.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Cincinnati Bell

 <domain zoomnet.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Cincinnati Bell

 <domain zoomtown.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Cincinnati Bell

 <domain zoomtown.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Earthlink

 <domain earthlink.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Earthlink

 <domain earthlink.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Earthlink

 <domain mindspring.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Earthlink

 <domain netcom.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Godaddy

 <domain Inbox.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Godaddy

 <domain outblaze.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Iwon

 <domain excite.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Iwon

 <domain iwon.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Lycos

 <domain angelfire.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Lycos

 <domain lycos.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Lycos

 <domain lycosmail.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Lycos

 <domain mailcity.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Sprint

 <domain sprintpcs.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Time Warner

 <domain rr.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Time Warner

 <domain adelphia.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Time Warner

 <domain adelphia.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Time Warner

 <domain insightbb.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Time Warner

 <domain roadrunner.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Time Warner

 <domain roadrunner.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# Tmobile

 <domain tmomail.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# United Internet

 <domain gmx.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# United Internet

 <domain mail.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# United Online

 <domain juno.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# United Online

 <domain netzero.com>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# United Online

 <domain unitedonline.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

# United XO

 <domain concentric.net>

    max-msg-rate 250/h # prevent "exceeded the rate limit"

 </domain>

 <domain *>

        use-starttls yes

        require-starttls no

 </domain>

############################################################################

# BEGIN: BACKOFF RULES

#<pattern-list myList>

#mail-from /admin@nicholashillmail.com/ virtual-mta=pmta-vmta19

#header from /admin@nicholashillmail.com/ virtual-mta=pmta-vmta19

#mail-from /admin@mx2.nicholashill.eu/ virtual-mta=pmta-vmta3

#header from /admin@mx2.nicholashill.eu/ virtual-mta=pmta-vmta3

#mail-from /admin@mx3.nicholashill.eu/ virtual-mta=pmta-vmta4

#header from /admin@mx3.nicholashill.eu/ virtual-mta=pmta-vmta4

#mail-from /admin@mx4.nicholashill.eu/ virtual-mta=pmta-vmta5

#header from /admin@mx4.nicholashill.eu/ virtual-mta=pmta-vmta5

#mail-from /admin@mx5.nicholashill.eu/ virtual-mta=pmta-vmta6

#header from /admin@mx5.nicholashill.eu/ virtual-mta=pmta-vmta6

#mail-from /admin@mx6.nicholashillmail.com/ virtual-mta=pmta-vmta7

#header from /admin@mx6.nicholashillmail.com/ virtual-mta=pmta-vmta7

#mail-from /admin@mx5.nicholashillmail.com/ virtual-mta=pmta-vmta8

#header from /admin@mx5.nicholashillmail.com/ virtual-mta=pmta-vmta8

#mail-from /admin@mx4.nicholashillmail.com/ virtual-mta=pmta-vmta9

#header from /admin@mx4.nicholashillmail.com/ virtual-mta=pmta-vmta9

#mail-from /admin@mx3.nicholashillmail.com/ virtual-mta=pmta-vmta10

#header from /admin@mx3.nicholashillmail.com/ virtual-mta=pmta-vmta10

#mail-from /admin@mx2.nicholashillmail.com/ virtual-mta=pmta-vmta11

#header from /admin@mx2.nicholashillmail.com/ virtual-mta=pmta-vmta11

#mail-from /admin@mx1.nicholashillmail.com/ virtual-mta=pmta-vmta12

#header from /admin@mx1.nicholashillmail.com/ virtual-mta=pmta-vmta12

#mail-from /admin@mx5.nicholashillnews.com/ virtual-mta=pmta-vmta13

#header from /admin@mx5.nicholashillnews.com/ virtual-mta=pmta-vmta13

#mail-from /admin@mx4.nicholashillnews.com/ virtual-mta=pmta-vmta14

#header from /admin@mx4.nicholashillnews.com/ virtual-mta=pmta-vmta14

#mail-from /admin@mx3.nicholashillnews.com/ virtual-mta=pmta-vmta15

#header from /admin@mx3.nicholashillnews.com/ virtual-mta=pmta-vmta15

#mail-from /admin@mx2.nicholashillnews.com/ virtual-mta=pmta-vmta16

#header from /admin@mx2.nicholashillnews.com/ virtual-mta=pmta-vmta16

#mail-from /admin@mx1.nicholashillnews.com/ virtual-mta=pmta-vmta17

#header from /admin@mx1.nicholashillnews.com/ virtual-mta=pmta-vmta17

#mail-from /admin@nicholashillnews.com/ virtual-mta=pmta-vmta18

#header from /admin@nicholashillnews.com/ virtual-mta=pmta-vmta18

#mail-from /admin@nicholashill.eu/ virtual-mta=pmta-vmta1

#header from /admin@nicholashill.eu/ virtual-mta=pmta-vmta1

#mail-from /admin@mx1.nicholashill.eu/ virtual-mta=pmta-vmta2

#header from /admin@mx1.nicholashill.eu/ virtual-mta=pmta-vmta2

#</pattern-list>

#<source 127.0.0.1>

#pattern-list myList # this selects the pattern list for messages

#always-allow-relaying yes

#</source>

#<pattern-list myList>

#header from /admin@mx3.nicholashillmail.com/ virtual-mta=pmta-vmta10

#mail-from /admin@mx3.nicholashillmail.com/ virtual-mta=pmta-vmta10

#header from /admin@mx4.nicholashillmail.com/ virtual-mta=pmta-vmta9

#mail-from /admin@mx4.nicholashillmail.com/ virtual-mta=pmta-vmta9

#</pattern-list>

#<source 127.0.0.1>

#pattern-list myList # this selects the pattern list for messages

#</source>

# default domain settings

<domain *>

    max-smtp-out 2 # default be nice on concurrent connections

    max-msg-per-connection 100 # max 500 mails in one session

    max-errors-per-connection 10 # avoid 'too long without data command' error

    max-msg-rate 1000/h

    bounce-upon-no-mx yes # proper mail domains should have mx

    assume-delivery-upon-data-termination-timeout yes # avoid duplicate deliveries

    retry-after 10m # typical greylisting period

    bounce-after 24h # default 4d12h

    smtp-pattern-list blocking-errors

    backoff-max-msg-rate 1/m # send only regular tries during backoff (default unlimited)

    backoff-retry-after 20m # retry at least every 20m (default 1h)

    backoff-notify "" # disable backoff notifications

    backoff-to-normal-after-delivery yes # revert to normal asap (default no)

    backoff-to-normal-after 1h # always revert to normal after 1h (default never)

    dk-sign yes

    dkim-sign yes

</domain>

############################################################################

# END: ISP rules

############################################################################

############################################################################

<smtp-pattern-list common-errors>

  reply /generating high volumes of.* complaints from AOL/    mode=backoff

  reply /Excessive unknown recipients - possible Open Relay/  mode=backoff

  reply /^421 .* too many errors/                             mode=backoff

  reply /blocked.*spamhaus/                                   mode=backoff

  reply /451 Rejected/                                        mode=backoff

</smtp-pattern-list>

<smtp-pattern-list blocking-errors>

    #

    # A QUEUE IN BACKOFF MODE WILL SEND MORE SLOWLY

    # To place a queue back into normal mode, a command similar

    # to one of the following will need to be run:

    # pmta set queue --mode=normal yahoo.com

    # or

    # pmta set queue --mode=normal yahoo.com/vmta1

    #

    # To use backoff mode, uncomment individual <domain> directives

    #

    #AOL Errors

    reply /421 .* SERVICE NOT AVAILABLE/ mode=backoff

    reply /generating high volumes of.* complaints from AOL/ mode=backoff

    reply /554 .*aol.com/ mode=backoff

    reply /421dynt1/ mode=backoff

    reply /HVU:B1/ mode=backoff

    reply /DNS:NR/ mode=backoff

    reply /RLY:NW/ mode=backoff

    reply /DYN:T1/ mode=backoff

    reply /RLY:BD/ mode=backoff

    reply /RLY:CH2/ mode=backoff

    #

    #Yahoo Errors

    reply /421 .* Please try again later/ mode=backoff

    reply /421 Message temporarily deferred/ mode=backoff

    reply /VS3-IP5 Excessive unknown recipients/ mode=backoff

    reply /VSS-IP Excessive unknown recipients/ mode=backoff

    #

    # The following 4 Yahoo errors may be very common

    # Using them may result in high use of backoff mode

    #

    reply /\[GL01\] Message from/ mode=backoff

    reply /\[TS01\] Messages from/ mode=backoff

    reply /\[TS02\] Messages from/ mode=backoff

    reply /\[TS03\] All messages from/ mode=backoff

    #

    #Hotmail Errors

    reply /exceeded the rate limit/ mode=backoff

    reply /exceeded the connection limit/ mode=backoff

    reply /Mail rejected by Windows Live Hotmail for policy reasons/ mode=backoff

    reply /mail.live.com\/mail\/troubleshooting.aspx/ mode=backoff

    #

    #Adelphia Errors

    reply /421 Message Rejected/ mode=backoff

    reply /Client host rejected/ mode=backoff

    reply /blocked using UCEProtect/ mode=backoff

    #

    #Road Runner Errors

    reply /Mail Refused/ mode=backoff

    reply /421 Exceeded allowable connection time/ mode=backoff

    reply /amIBlockedByRR/ mode=backoff

    reply /block-lookup/ mode=backoff

    reply /Too many concurrent connections from source IP/ mode=backoff

    #

    #General Errors

    reply /too many/ mode=backoff

    reply /Exceeded allowable connection time/ mode=backoff

    reply /Connection rate limit exceeded/ mode=backoff

    reply /refused your connection/ mode=backoff

    reply /try again later/ mode=backoff

    reply /try later/ mode=backoff

    reply /550 RBL/ mode=backoff

    reply /TDC internal RBL/ mode=backoff

    reply /connection refused/ mode=backoff

    reply /please see www.spamhaus.org/ mode=backoff

    reply /Message Rejected/ mode=backoff

    reply /refused by antispam/ mode=backoff

    reply /Service not available/ mode=backoff

    reply /currently blocked/ mode=backoff

    reply /locally blacklisted/ mode=backoff

    reply /not currently accepting mail from your ip/ mode=backoff

    reply /421.*closing connection/ mode=backoff

    reply /421.*Lost connection/ mode=backoff

    reply /476 connections from your host are denied/ mode=backoff

    reply /421 Connection cannot be established/ mode=backoff

    reply /421 temporary envelope failure/ mode=backoff

    reply /421 4.4.2 Timeout while waiting for command/ mode=backoff

    reply /450 Requested action aborted/ mode=backoff

    reply /550 Access denied/ mode=backoff

    reply /exceeded the rate limit/ mode=backoff  # hotmail rate limit

  reply /421rlynw/ mode=backoff  # aol rate limit

  reply /permanently deferred/ mode=backoff  # yahoo

  reply /\d+\.\d+\.\d+\.\d+ blocked/ mode=backoff  # at&t, cox

  reply /generating high volumes of.* complaints from AOL/    mode=backoff

  reply /Excessive unknown recipients - possible Open Relay/  mode=backoff

  reply /^421 .* too many errors/                             mode=backoff

  reply /blocked.*spamhaus/                                   mode=backoff

  reply /451 Rejected/                                        mode=backoff

</smtp-pattern-list>

############################################################################

# END: BACKOFF RULES

############################################################################

############################################################################

# BEGIN: BOUNCE RULES

############################################################################

<bounce-category-patterns>

    /spam/ spam-related

    /junk mail/ spam-related

    /blacklist/ spam-related

    /blocked/ spam-related

    /\bU\.?C\.?E\.?\b/ spam-related

    /\bAdv(ertisements?)?\b/ spam-related

    /unsolicited/ spam-related

    /\b(open)?RBL\b/ spam-related

    /realtime blackhole/ spam-related

    /http:\/\/basic.wirehub.nl\/blackholes.html/ spam-related

    /\bvirus\b/ virus-related

    /message +content/ content-related

    /content +rejected/ content-related

    /quota/ quota-issues

    /limit exceeded/ quota-issues

    /mailbox +(is +)?full/ quota-issues

    /sender ((verify|verification) failed|could not be verified|address rejected|domain must exist)/ invalid-sender

    /unable to verify sender/ invalid-sender

    /requires valid sender domain/ invalid-sender

    /bad sender's system address/ invalid-sender

    /No MX for envelope sender domain/ invalid-sender

    /^[45]\.4\.4/ routing-errors

    /no mail hosts for domain/ invalid-sender

    /Your domain has no(t)? DNS\/MX entries/ invalid-sender

    /REQUESTED ACTION NOT TAKEN: DNS FAILURE/ invalid-sender

    /Domain of sender address/ invalid-sender

    /return MX does not exist/ invalid-sender

    /Invalid sender domain/ invalid-sender

    /Verification failed/ invalid-sender

    /\bstorage\b/ quota-issues

    /(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee)

    (has|has been|is)? *(currently|temporarily+)?(disabled|expired|inactive|not activated)

    / inactive-mailbox

    /(conta|usu.rio) inativ(a|o)

    / inactive-mailbox

    /Too many (bad|invalid|unknown|illegal|unavailable) (user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee)/other

    /(No such|bad|invalid|unknown|illegal|unavailable) (local +)?(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee)

    / bad-mailbox

    /(user|mailbox|recipient|rcpt|local part|address|account|mail drop|ad(d?)ressee) +(\S+@\S+ +)?(not (a +)?valid|not known|not here|not

    found|does not exist|bad|invalid|unknown|illegal|unavailable)/ bad-mailbox

    /\S+@\S+ +(is +)?(not (a +)?valid|not known|not here|not found|does not exist|bad|invalid|unknown|illegal|unavailable)/ bad-mailbox

    /no mailbox here by that name/ bad-mailbox

    /my badrcptto list/ bad-mailbox

    /not our customer/ bad-mailbox

    /no longer (valid|available)/ bad-mailbox

    /have a \S+ account/ bad-mailbox

    /\brelay(ing)?/ relaying-issues

    /domain (retired|bad|invalid|unknown|illegal|unavailable)/ bad-domain

    /domain no longer in use/ bad-domain

    /domain (\S+ +)?(is +)?obsolete/ bad-domain

    /denied/ policy-related

    /prohibit/ policy-related

    /refused/ policy-related

    /allowed/ policy-related

    /banned/ policy-related

    /policy/ policy-related

    /suspicious activity/ policy-related

    /bad sequence/ protocol-errors

    /syntax error/ protocol-errors

    /\bsmtp-hosts\b/ routing-errors

    /\bunroutable\b/ routing-errors

    /\bunsmtp-hostsable\b/ routing-errors

#additions by krish

    /Recipient address rejected/ invalid-mailbox

    /DYN:T1/ ploicy-related

    /Service unavailable/ ploicy-related

    /DNSBL/ spam-related

    /ccount has been disabled or discontinued/ bad-mailbox

    /oo many recip/ policy-related

    /no valid recipie/ invalid-mailbox

    /Account Inactive/ invalid-mailbox

    /service provider since part of their network is on our block list/ spam-related

    /Invalid 7bit DATA/ content-related

    /^2.\d+.\d+;/ success

    /^[45]\.1\.[1346];/ bad-mailbox

    /^[45]\.1\.2/ bad-domain

    /^[45]\.1\.[78];/ invalid-sender

    /^[45]\.2\.0;/ bad-mailbox

    /^[45]\.2\.1;/ inactive-mailbox

    /^[45]\.2\.2;/ quota-issues

    /^[45]\.3\.3;/ content-related

    /^[45]\.3\.5;/ bad-configuration

    /^[45]\.4\.1;/ no-answer-from-host

    /^[45]\.4\.2;/ bad-connection

    /^[45]\.4\.[36];/ routing-errors

    /^[45]\.4\.7;/ message-expired

    /^[45]\.5\.3;/ policy-related

    /^[45]\.5\.\d+;/ protocol-errors

    /^[45]\.6\.\d+;/ content-related

    /^[45]\.7\.[012];/ policy-related

    /^[45]\.7\.7;/ content-related

    // other    # catch-all

</bounce-category-patterns>

############################################################################

# END: BOUNCE RULES

############################################################################

############################################################################

# BEGIN: OTHER OPTIONS

############################################################################

#smtp-port 2525

<source 0/0>

log-connections yes

log-commands    yes      # WARNING: verbose!

  allow-unencrypted-plain-auth yes

</source>

sync-msg-create false

sync-msg-update false

run-as-root no

log-file /var/log/pmta/log        # logrotate is used for rotation

<acct-file /var/log/pmta/acct.csv>

#    move-to /opt/myapp/pmta-acct   # configure as fit for your application

#    move-interval 5m

    max-size 50M

</acct-file>

# transient errors (soft bounces)

<acct-file /var/log/pmta/diag.csv>

  move-interval 1d

  delete-after never

  records t

</acct-file>

#

# spool directories

#

spool /var/spool/pmta

http-mgmt-port 1983

http-access 127.0.0.1 admin

http-access 0/0 monitor

http-access 176.283.454.55 admin

############################################################################

# END: OTHER OPTIONS

############################################################################

################################################ ############################

# BEGIN: USERS/VIRTUAL-MTA / VIRTUAL-MTA-POOL /  VIRTUAL-PMTA-PATTERN

################################################ ############################

#<spool /var/spool/pmta>

#</spool>

<smtp-user user>

password passwd

source {smtpuser-auth}

</smtp-user>

<source {smtpuser-auth}>

smtp-service yes

always-allow-relaying yes

require-auth true

process-x-virtual-mta yes

default-virtual-mta pmta-pool

remove-received-headers true

add-received-header false

hide-message-source true

</source>

smtp-listener 176.283.454.55:2525

#BEGIN VIRTUAL MTAS 

<virtual-mta pmta-vmta1> 

smtp-source-host 176.283.454.55 mta1.domain.com 

domain-key mailer,*,/etc/pmta.key 

#domain-key default,*,/var/cpanel/domain_keys/private/domain.com 

<domain *> 

max-msg-rate 400/h 

</domain> 

</virtual-mta> <domain domain.com> 

smtp-hosts [127.0.0.1]:2525 

</domain> 

#END VIRTUAL MTAS

<virtual-mta-pool pmta-pool>

#virtual-mta pmta-vmta1

</virtual-mta-pool>

################################################ ############################

# END: USERS/VIRTUAL-MTA / VIRTUAL-MTA-POOL /  VIRTUAL-PMTA-PATTERN

################################################ ############################

<source 127.0.0.1>

    always-allow-api-submission yes

    add-message-id-header yes

    retain-x-job yes

    retain-x-virtual-mta yes

    verp-default yes

    process-x-envid yes

    process-x-job yes

    jobid-header X-Mailer-RecptId

    process-x-virtual-mta yes

</source>

#<domain *>

#smtp-hosts [127.0.0.1]:2525

#</domain>

PowerMTA Multiple Virtual PMTA config file

# $Id: config 2015-03-24 16:00:00 Jack $
# Sample PowerMTA configuration file
# PowerMTA Multiple Virtual PMTA config file sample

#
# E-mail address for mailer's administrator (please specify!)
#
postmaster admin@mydomain.com
domain-key my-domain,*,/etc/dkim.key

#
# Settings per source IP address (for incoming SMTP connections)
#
<source 127.0.0.1>
always-allow-relaying yes # allow feeding from 127.0.0.1
process-x-virtual-mta yes # allow selection of a virtual MTA
max-message-size 0 # 0 implies no cap, in bytes
smtp-service yes # allow SMTP service
allow-mailmerge yes
</source>

<source 23.45.67.100> # phplist or oempro installed
always-allow-relaying yes # allow feeding from mailer.mydomain.com
process-x-virtual-mta yes # allow selection of a virtual MTA
max-message-size 0 # 0 implies no cap, in bytes
smtp-service yes # allow SMTP service
hide-message-source true
remove-header Received
allow-mailmerge yes
</source>

<source 102.202.33.2>
always-allow-relaying yes # allow feeding from 102.202.33.2
process-x-virtual-mta yes # allow selection of a virtual MTA
max-message-size 0 # 0 implies no cap, in bytes
smtp-service yes # allow SMTP service
hide-message-source true
remove-header Received
</source>

<source 102.202.33.3>
always-allow-relaying yes # allow feeding from 102.202.33.3
process-x-virtual-mta yes # allow selection of a virtual MTA
max-message-size 0 # 0 implies no cap, in bytes
smtp-service yes # allow SMTP service
hide-message-source true
remove-header Received
</source>

<source 102.202.33.4>
always-allow-relaying yes # allow feeding from 102.202.33.4
process-x-virtual-mta yes # allow selection of a virtual MTA
max-message-size 0 # 0 implies no cap, in bytes
smtp-service yes # allow SMTP service
hide-message-source true
remove-header Received
</source>

<source 102.202.33.5>
always-allow-relaying yes # allow feeding from 102.202.33.5
process-x-virtual-mta yes # allow selection of a virtual MTA
max-message-size 0 # 0 implies no cap, in bytes
smtp-service yes # allow SMTP service
hide-message-source true
remove-header Received
</source>

<source 102.202.33.6>
always-allow-relaying yes # allow feeding from 102.202.33.6
process-x-virtual-mta yes # allow selection of a virtual MTA
max-message-size 0 # 0 implies no cap, in bytes
smtp-service yes # allow SMTP service
hide-message-source true
remove-header Received
</source>

<source 0/0> # matches all
log-connections no
log-commands no # WARNING: verbose!
log-data no # WARNING: even more verbose!
allow-unencrypted-plain-auth no
default-virtual-mta mta-pool
process-x-virtual-mta yes
smtp-service yes
always-allow-api-submission yes
</source>

<virtual-mta mta1>
auto-cold-virtual-mta 23.45.68.200 mpta.mydomain.com # MPTA installed
<domain *>
max-cold-virtual-mta-msg 100/day
</domain>
smtp-source-host 23.45.68.200 mpta.mydomain.com # MPTA installed
</virtual-mta>

<virtual-mta mta2>
auto-cold-virtual-mta 102.202.33.2 name2.newdomain.com # config multiple domains/IPs
domain-key edm-mail,*,/etc/dkim.key
<domain *>
max-cold-virtual-mta-msg 100/day
dkim-sign yes
dkim-identity @mydomain.com
</domain>
smtp-source-host 102.202.33.2 name2.newdomain.com
</virtual-mta>

<virtual-mta mta3>
auto-cold-virtual-mta 102.202.33.3 name3.newdomain.com # config multiple domains/IPs
domain-key edm-mail,*,/etc/dkim.key
<domain *>
max-cold-virtual-mta-msg 100/day
dkim-sign yes
dkim-identity @mydomain.com
</domain>
smtp-source-host 102.202.33.3 name3.newdomain.com
</virtual-mta>

<virtual-mta mta4>
auto-cold-virtual-mta 102.202.33.4 name4.newdomain.com # config multiple domains/IPs
domain-key edm-mail,*,/etc/dkim.key
<domain *>
max-cold-virtual-mta-msg 100/day
dkim-sign yes
dkim-identity @mydomain.com
</domain>
smtp-source-host 102.202.33.4 name4.newdomain.com
</virtual-mta>

<virtual-mta mta5>
auto-cold-virtual-mta 102.202.33.5 name5.newdomain.com # config multiple domains/IPs
domain-key edm-mail,*,/etc/dkim.key
<domain *>
max-cold-virtual-mta-msg 100/day
dkim-sign yes
dkim-identity @mydomain.com
</domain>
smtp-source-host 102.202.33.5 name5.newdomain.com
</virtual-mta>

<virtual-mta mta6>
auto-cold-virtual-mta 102.202.33.6 name6.newdomain.com # config multiple domains/IPs
domain-key edm-mail,*,/etc/dkim.key
<domain *>
max-cold-virtual-mta-msg 100/day
dkim-sign yes
dkim-identity @mydomain.com
</domain>
smtp-source-host 102.202.33.6 name6.newdomain.com
</virtual-mta>


<virtual-mta-pool mta-pool>
virtual-mta mta2
virtual-mta mta3
virtual-mta mta4
virtual-mta mta5
virtual-mta mta6
</virtual-mta-pool>

#
# SMTP users (authenticated via SMTP AUTH)
#
#<smtp-user API>
# password "changeme"
#</smtp-user>

<smtp-user user1>
password R45eoDwZ
source {auth}
</smtp-user>
<smtp-user user2>
password R45eoDwZ
source {auth}
</smtp-user>

<source {auth}>
always-allow-relaying yes # allow feeding for defined users
process-x-virtual-mta yes # allow selection of a VirtualMTA
max-message-size 0 # 0 implies no cap, in bytes
smtp-service yes # allow SMTP service
require-auth true
default-virtual-mta mta-pool
</source>

#
# Settings per outgoing domain
#
#<domain discard.port25.com>
# max-smtp-out 800
# route [192.168.0.1]:2525 # bypasses DNS resolution
#</domain>
#
#<domain test.port25.com>
# max-smtp-out 1
# log-connections yes
# log-commands yes # WARNING: verbose!
# log-resolution no # WARNING: verbose!
# log-data no # WARNING: even more verbose!
#</domain>

#
# "{gmImprinter}" is a special queue used for imprinting Goodmail tokens.
#
<domain {gmImprinter}>
max-events-recorded 150
log-messages yes
log-data no # extremely verbose, for debugging only
retry-after 15s
</domain>

<domain *>
max-smtp-out 2 # max. connections *per domain*
bounce-after 4d12h # 4 days, 12 hours
retry-after 60m # 10 minutes
max-msg-rate 100/h
max-msg-per-connection 20
max-errors-per-connection 10
smtp-greeting-timeout 1m # added in v3.2r17
bounce-upon-no-mx yes
mx-connection-attempts 3 # added in v3.2r16
smtp-pattern-list backoff
backoff-to-normal-after 2h # added in v3.5
backoff-max-msg-rate 50/h # Use with PowerMTA 3.5
backoff-retry-after 90m
dk-sign yes
dkim-sign yes
</domain>

#
# Goodmail imprinter configuration
#
#<gm-imprinter>
# account-id ID # replace with value from mailcenter
# imprinter-id ID # replace with value from mailcenter
# imprinter-password PW # replace with value from mailcenter
#
# # If the directives below are not specified, defaults are picked as
# # described in the Goodmail documentation
#
# default-token-class 1 # optionally set as appropriate
# default-content-type 1 # optionally set as appropriate
# default-payer-id ID # optionally set as appropriate
# default-obo-id ID # optionally set as appropriate
#</gm-imprinter>


#
# Port used for HTTP management interface
#
http-mgmt-port 8080

#
# IP addresses allowed to access the HTTP management interface, one
# per line
#
http-access 127.0.0.1 monitor
#http-access 10.1.0.10 none
#http-access 10.1.0/24 admin
http-access 21.34.56.78 admin


#
# Synchronize I/O to disk after receiving the message. 'false' yields
# higher performance, but the message may be lost if the system crashes
# before it can write the data to disk.
#
sync-msg-create false

#
# Synchronize I/O to disk after updating the message (e.g., to mark recipients
# handled). 'false' yields higher performance, but if the system crashes
# before it can write the data to disk, some recipients may receive multiple
# copies of a message.
#
sync-msg-update false

#
# Whether to run the PowerMTA deamon as root
#
run-as-root no

#
# WARNING -- changing the settings below will probably break
# RPM installation, logrotate, etc.

#
# Logging file name
#
log-file /var/log/pmta/log # logrotate is used for rotation

#
# Accounting file(s)
#
<acct-file /var/log/pmta/acct.csv>
# move-to /opt/myapp/pmta-acct # configure as fit for your application
move-interval 5m
max-size 50M
</acct-file>

#
# Spool directories
#
spool /var/spool/pmta

# EOF

<smtp-pattern-list backoff>
#
# A QUEUE IN BACKOFF MODE WILL SEND MORE SLOWLY
# To place a queue back into normal mode, a command similar
# to one of the following will need to be run:
# pmta set queue mode=normal yahoo.com
# or
# pmta set queue mode=normal yahoo.com/vmta1
#
# To use backoff mode, uncomment individual <domain> directives
#
#Yahoo Errors
reply /421 .* Please try again later/ mode=backoff
reply /421 Message temporarily deferred/ mode=backoff
reply /VS3-IP5 Excessive unknown recipients/ mode=backoff
reply /VSS-IP Excessive unknown recipients/ mode=backoff
#
# The following 4 Yahoo errors may be very common
# Using them may result in high use of backoff mode
#
reply /[GL01] Message from/ mode=backoff
reply /[TS01] Messages from/ mode=backoff
reply /[TS02] Messages from/ mode=backoff
reply /[TS03] All messages from/ mode=backoff
#
#Hotmail Errors
reply /exceeded the rate limit/ mode=backoff
reply /exceeded the connection limit/ mode=backoff
reply /Mail rejected by Windows Live Hotmail for policy reasons/ mode=backoff
#
#Adelphia Errors
reply /421 Message Rejected/ mode=backoff
reply /Client host rejected/ mode=backoff
reply /blocked using UCEProtect/ mode=backoff
#
#Road Runner Errors
reply /Mail Refused/ mode=backoff
reply /421 Exceeded allowable connection time/ mode=backoff
reply /amIBlockedByRR/ mode=backoff
reply /block-lookup/ mode=backoff
reply /Too many concurrent connections from source IP/ mode=backoff
#
#General Errors
reply /too many/ mode=backoff
reply /Exceeded allowable connection time/ mode=backoff
reply /Connection rate limit exceeded/ mode=backoff
reply /refused your connection/ mode=backoff
reply /try again later/ mode=backoff
reply /try later/ mode=backoff
reply /550 RBL/ mode=backoff
reply /TDC internal RBL/ mode=backoff
reply /connection refused/ mode=backoff
reply /please see www.spamhaus.org/ mode=backoff
reply /Message Rejected/ mode=backoff
reply /refused by antispam/ mode=backoff
reply /Service not available/ mode=backoff
reply /currently blocked/ mode=backoff
reply /locally blacklisted/ mode=backoff
reply /not currently accepting mail from your ip/ mode=backoff
reply /421.*closing connection/ mode=backoff
reply /421.*Lost connection/ mode=backoff
reply /421 *connection limit exceeded/ mode=backoff
reply /476 connections from your host are denied/ mode=backoff
reply /421 Connection cannot be established/ mode=backoff
reply /421 temporary envelope failure/ mode=backoff
reply /421 4.4.2 Timeout while waiting for command/ mode=backoff
reply /450 Requested action aborted/ mode=backoff
reply /550 Access denied/ mode=backoff
</smtp-pattern-list>

#
# http://postmaster.info.aol.com/
<domain aol.com>
max-smtp-out 3
max-msg-per-connection 20
smtp-pattern-list backoff
421-means-mx-unavailable yes
backoff-to-normal-after 4h # added in v3.5
# backoff-notify admin@mydomain.com
backoff-max-msg-rate 20/h # Use with PowerMTA 3.5
backoff-retry-after 120m
dk-sign yes
dkim-sign yes
</domain>
#
<domain tom.com>
max-smtp-out 3
max-msg-per-connection 20
smtp-pattern-list backoff
421-means-mx-unavailable yes
backoff-to-normal-after 2h # added in v3.5
backoff-max-msg-rate 20/h # Use with PowerMTA 3.5
backoff-retry-after 120m
# backoff-notify admin@mydomain.com
dk-sign yes
dkim-sign yes
</domain>
#
<domain yahoo.com>
max-smtp-out 3
max-msg-per-connection 20
smtp-greeting-timeout 1m # added in v3.2r17
mx-connection-attempts 5 # added in v3.2r16
smtp-pattern-list backoff
backoff-to-normal-after 2h # added in v3.5
backoff-max-msg-rate 50/h # Use with PowerMTA 3.5
backoff-retry-after 90m
# backoff-notify admin@mydomain.com
dk-sign yes
dkim-sign yes
</domain>
#
<domain gmail.com>
max-smtp-out 3
max-msg-per-connection 50
smtp-greeting-timeout 1m # added in v3.2r17
mx-connection-attempts 5 # added in v3.2r16
smtp-pattern-list backoff
backoff-to-normal-after 2h # added in v3.5
backoff-max-msg-rate 50/h # Use with PowerMTA 3.5
backoff-retry-after 90m
# backoff-notify admin@mydomain.com
dk-sign yes
dkim-sign yes
</domain>
#
<domain hotmail.com>
max-smtp-out 3
max-msg-per-connection 50
421-means-mx-unavailable yes
smtp-pattern-list backoff
backoff-to-normal-after 2h # added in v3.5
backoff-max-msg-rate 50/h # Use with PowerMTA 3.5
backoff-retry-after 90m
# backoff-notify admin@mydomain.com
dk-sign yes
dkim-sign yes
</domain>
#
<domain msn.com>
max-smtp-out 3
max-msg-per-connection 50
smtp-pattern-list backoff
backoff-to-normal-after 2h # added in v3.5
backoff-max-msg-rate 50/h # Use with PowerMTA 3.5
backoff-retry-after 90m
# backoff-notify admin@mydomain.com
dk-sign yes
dkim-sign yes
</domain>
#
<domain att.net>
max-smtp-out 2
dk-sign yes
dkim-sign yes
</domain>
#
# may be outdated ?http://security.comcast.net/get-help/comcast-post-master-page.aspx
# recommended usage ?http://postmaster.comcast.net/avoidblocks.html
# http://feedback.comcast.net/
<domain comcast.net>
dk-sign yes
dkim-sign yes
max-smtp-out 2
max-msg-per-connection 20
</domain>
#
#
# Excite
#
# We have heard reports that Excite.com limits senders to 1,000 emails in a 10 minute period per IP during the day, but is unlimited between 1:00am to 5:00am MDT. While we cannot confirm these reports, here is what can be done in PowerMTA if you are having trouble sending to excite.com. Use the following settings:
#
#
<domain excite.com>
dk-sign yes
dkim-sign yes
backoff-max-msg-rate 100/h # Use with PowerMTA 3.5
</domain>

#
#The setting backoff-max-msg-per-hour will cause PowerMTA to take the total amount, divide it by 12, and send no more than that amount in 5 minute intervals over the hour. The number of recent delivery attempts is not kept in persistent storage, so re-starting PowerMTA resets the limit, possibly causing it to actually be exceeded. You may want to set it a little lower than 6000 to give yourself a buffer.
##Now for the tricky part.
#You will need to set the server to run the command pmta set queue mode=normal excite.com/* every night at 1am MDT (cron job in Linux or scheduled task in Windows). This will cause PowerMTA to go into normal mode, and send email in an unrestricted manner. At 5am MDT, schedule the command pmta set queue mode=backoff excite.com/* to run. This will put all excite.com email in backoff mode, and the above settings will go back into place.
#
# Comcast
#
#From the following page:
#http://customer.comcast.com/Pages/FAQViewer.aspx?seoid=RL000001
#It seems that Comcast has added some rate limiting based on your SenderScore (https://www.senderscore.org/).
#As such, The following configuration can be used (in conjunction with max-msg-per-connection and max-smtp-out from above), changing the rate based on your score and the data from Comcast抯 site:
#
<domain comcast.net>
dk-sign yes
dkim-sign yes
max-msg-rate 100/h
</domain>
<domain dkimvalidator.com>
dk-sign yes
dkim-sign yes
max-msg-rate 50/h
</domain>

How to retry delivery of Postfix mail in queue?

 postsuper -r ALL && postqueue -f

How to install Fully Featured Mail Server using Postal on Ubuntu 16.04

Prerquisites:

Ruby 2.3 or higher

MySQL or MariaDB database server

Erlang

RabbitMQ server

Node.js (for javascript compilation)

Git (for accessing the repository)

Nginx

Installing dependencies:

Install Ruby

sudo apt install software-properties-common

sudo apt-add-repository ppa:brightbox/ruby-ng

sudo apt update

sudo apt install ruby2.3 ruby2.3-dev build-essential

Install MySQL

sudo apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80 0xF1656F24C74CD1D8

sudo add-apt-repository 'deb [arch=amd64,i386,ppc64el] http://mirrors.coreix.net/mariadb/repo/10.1/ubuntu xenial main'

sudo apt update

sudo apt install mariadb-server libmysqlclient-dev

Some additional configuration may be required to optimise your MySQL server. This is outside the scope of this documentation.

Install Erlang

wget https://packages.erlang-solutions.com/erlang-solutions_1.0_all.deb 

sudo dpkg -i erlang-solutions_1.0_all.deb

sudo apt-get update sudo apt-get install erlang

sudo apt-get update sudo apt-get install esl-erlang

If there is any issue while installing Erlang then use the following command:

sudo apt-get purge elixir
sudo apt-get purge erlang

sudo apt-get install esl-erlang

Install RabbitMQ

curl -s https://packagecloud.io/install/repositories/rabbitmq/rabbitmq-server/script.deb.sh | sudo bash

sudo apt update

sudo apt-get install apt-transport-https

sudo apt install rabbitmq-server

Install Node.js

sudo apt install nodejs

Install Git

sudo apt install git

There is documentation for installing the core prerequisites if needed.

Preparing the database

Postal has a single main MySQL database that contains all configuration and each mail server you create will have its own database that stores its messages and other mail-server specific content. No configuration is stored in the mail server databases.

mysql -u root -p -h 127.0.0.1

Begin by creating your main database. Run the commands below to create a new database. Replace XXX with a suitable password.

CREATE DATABASE `postal` CHARSET utf8mb4 COLLATE utf8mb4_unicode_ci;

GRANT ALL ON `postal`.* TO `postal`@`127.0.0.1` IDENTIFIED BY "XXX";

Postal will handle the creation of databases for your mail servers but you need to give it access to do this. Run the following to add a grant that permits a user to manage all databases that are prefixed with postal-.

GRANT ALL PRIVILEGES ON `postal-%` . * to `postal`@`127.0.0.1`  IDENTIFIED BY "XXX";

Setting up RabbitMQ

Postal requires its own RabbitMQ vhost and user to connect with. You can create these using the following commands:

sudo rabbitmqctl add_vhost /postal

sudo rabbitmqctl add_user postal XXX

sudo rabbitmqctl set_permissions -p /postal postal ".*" ".*" ".*"

Preparing your operating system

Postal should be executed as its own user on your server. Run the following commands to create a new user with a home directory in /opt/postal.

sudo useradd -r -m -d /opt/postal -s /bin/bash postal

Postal needs to be able to listen on privileged ports (for example 80, 443 and 25). To enable this, we will allow ruby to listen on these ports. On a shared server this would be a security risk however on a server dedicated to Postal, this shouldn't cause any issues.

sudo setcap 'cap_net_bind_service=+ep' /usr/bin/ruby2.3

Installing system-wide gems

To run Postal, you'll need to have bundler and procodile installed on your system. Install them both:

sudo gem install bundler

sudo gem install procodile

Cloning the repository

Now, we're ready to get the repository cloned onto your server. Run the clone command as your postal user and clone into the /opt/postal/app directory.

sudo -i -u postal git clone https://github.com/atech/postal /opt/postal/app

The master branch (which is cloned by default) will contain the most stable version of the software. If you wish to work with a less stable branch, use the devel branch.

Postal provides a single binary that allows you to interact with it from any directory on your server. To make this available everywhere, simply symlink it into the /usr/bin/postal directory.

sudo ln -s /opt/postal/app/bin/postal /usr/bin/postal

Install Ruby dependencies

This will install all the required dependencies required to run the application.

postal bundle /opt/postal/app/vendor/bundle

Setting up configuration files

Before you can do anything, you'll need to generate the default configuration. By default, configuration is kept outside of the repository file structure and is stored in /opt/postal/config. Generate the initial configuration with the following command:

postal initialize-config

This will create a number of files for your configuration, including various private keys & certificates as well as a default postal.yml configuration file.

Configuring

Open up your new postal.yml configuration file from /opt/postal/config. Follow the comments in the example file and update items as appropriate based on your installation.

Initialize database & assets

postal initialize

Create your initial admin user

postal make-user

This will guide you through setting up a new admin user for your installation. You'll be prompted for an e-mail address, name & password. You can then use these when you first login.

Starting the application

To start the application, just run the following command. This will run postal in the foreground. This is only useful for testing and development. You'll run it in the background when you're sure everything is working.

postal run

If everything looks OK, you can just CTRL+C this and continue. If there are any errors, you should investigate these before continuing.

Now, you can run postal in the background on your server:

postal start

You can look at the status at any time using postal status.

Configuring Nginx

The Postal management interface and API should sit behind nginx. Install it and configure it as appropriate.

sudo apt install nginx

Once installed, you can change the default site configuration to match something suitable. The repository contains an example config file that you can copy into place.

sudo cp /opt/postal/app/resource/nginx.cfg /etc/nginx/sites-available/default

You can create a self signed SSL certificate if you need to (otherwise put your own

key & cert in /etc/nginx/ssl/postal.crt and postal.key)

sudo mkdir /etc/nginx/ssl/

sudo openssl req -x509 -newkey rsa:4096 -keyout /etc/nginx/ssl/postal.key -out /etc/nginx/ssl/postal.crt -days 365 -nodes

Make the appropriate changes for your domain and SSL certificate and then restart

sudo nano -w /etc/nginx/sites-available/default

sudo /etc/init.d/nginx restart

This might be a good time to set up Let's Encrypt rather than using a self-signed certificate. CertBot is a good way to go about setting this up.

Accessing the web interface

You can now navigate to your domain and you should see the Postal web interface asking for a login. You can login using the credentials you created earlier.

You can start by creating your own organization & mail server and exploring the system.

By default, the system is not configured to use any IP pools that are configured. Messages will be sent from the main IP on the server. Configuring multiple IP pools will be covered in other documentation.

Configuring Postal SMTP

The Postal system itself needs to be able to send e-mails. This is something that needs to be configured in your postal.yml configuration file. You can send these messages using Postal itself. Just create a new mail server and use its credentials in your config file. Postal sends emails when servers are approaching limits, new users are invited, password resets and more.

Once you have added the configuration for this, you can test the configuration using the command below. Replace the e-mail address with one of your own.

postal test-app-smtp youraddress@domain.com

Complete Installation with Git Repo:

https://gist.githubusercontent.com/amisalabir/5fd99cd156b2eba220ae826ef8348f89/raw/44bd3f5314e116c9134456aecae3258f15f10479/ubuntu1604.sh

Send html Form or Post data to Sendgrid contact list

How to Send html Form or Post data to Sendgrid contact list using PHP through API using JSON

################################## API ##############################

$curl = curl_init();

$list_ids="<<Your Contact List ID>>";

$first_name=$_POST['first_name'];

$last_name=$_POST['last_name'];

$email=$_POST['email'];

curl_setopt_array($curl, array(

  CURLOPT_URL => "https://api.sendgrid.com/v3/marketing/contacts",

  CURLOPT_RETURNTRANSFER => true,

  CURLOPT_ENCODING => "",

  CURLOPT_MAXREDIRS => 10,

  CURLOPT_TIMEOUT => 30,

  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,

  CURLOPT_CUSTOMREQUEST => "PUT",

  CURLOPT_POSTFIELDS => "{\"list_ids\":[\"$list_ids\"],\"contacts\":[{\"address_line_1\":\"string (optional)\",\"address_line_2\":\"string (optional)\",\"city\":\"string (optional)\",\"country\":\"string (optional)\",\"email\":\"$email\",\"first_name\":\"$first_name\",\"last_name\":\"$last_name\",\"postal_code\":\"string (optional)\",\"state_province_region\":\"string (optional)\",\"custom_fields\":{}}]}",

  CURLOPT_HTTPHEADER => array(

    "authorization: Bearer SG.XXXXXXXXXXXXXX",

    "content-type: application/json"

  ),

));

$response = curl_exec($curl);

$err = curl_error($curl);

curl_close($curl);

if ($err) {

  echo "cURL Error #:" . $err;

} else {

  //echo $response;

    $_SESSION['message'] = "Thank You, we will get back to you in the next few days";

    

    if(isset($_POST['contactus'])){

        header('Location: contact.php');

    } else{

        eader('Location: sign-up.php');

    }

}

################################## API ##############################